Chapter 2. Overview of Blockchain Technology and Introduction to BaaS

Blockchain is a type of DLT where blocks of data are permanently linked to one another. As mentioned in Chapter 1, it’s the underlying technology to cryptocurrency, a peer-to-peer system in which assets are represented with electronic tokens. Blockchain technology is used to compute the value of tokens, as well as to store, track, and exchange them.

Blockchain is a great platform for cryptocurrency because it does not require a central authority in order to operate in a peer-to-peer manner. But blockchain can also be used for countless other projects in which a verifiable, distributed workflow is needed.

Blockchain in Action

You may have heard about Walmart using blockchain to improve the traceability of mangoes. Whenever a foodborne illness is discovered, Walmart must quickly identify and isolate the products that need to be destroyed, without impacting (and wasting) unaffected products. With IBM’s help in developing a blockchain supply-chain network, Walmart reduced the time needed to trace a mango from 7 days to 2.2 seconds. It also ran a similar pilot with pork products in China. These two successful pilots led to an expansion of the network to all Walmart food suppliers and some competitors. The resulting blockchain supply-chain network is called the IBM Food Trust.

In another application, Oracle is working with the World Bee Project to use blockchain across the supply chain to record the DNA signature of each specific batch of honey that is being shipped. On the receiving end, tests can be run to make sure that the DNA of the honey shipped matches the DNA of the honey that is received. This helps verify that the honey is free from tampering and is the same product that was shipped, to avoid fraud and counterfeiting.

Blockchain applications go far beyond supply chains. For example:

  • Blockchain is being used in the real estate industry, to add trust and transparency to property exchanges.

  • The construction industry is currently exploring blockchain as a way to transparently manage projects, to ensure that work is completed on time and in accordance with contractual terms.

  • School districts are incorporating blockchain traceability into their financial systems, to discourage fraud.

  • Major news outlets are researching ways to make stories and media traceable via blockchain, to prevent content plagiarism.

  • Blockchain is being explored by the entertainment industry to make sure royalties are properly distributed for recordings and live music ticket sales.

  • Artists, museums, and distributors are using blockchain to prove provenance and authenticity of collectibles.

What Is Blockchain?

According to Austin Blockchain Collective Executive Director Pete Harris, who works directly with more than a hundred blockchain-focused businesses in Austin, Texas, “Blockchain is a distributed ledger technology that supports immutable, shared, replicated datasets, which are maintained in accordance with an agreed consensus mechanism.” Let’s break this down a bit more.

Blockchain uses programmed logic to define, validate, and distribute transactions in a multiparticipant network, storing the transactions in interconnected units called blocks. The blocks are chained together by hashes, which are based on the content of the blocks, and have to pass multiple checks before they are stored. Because of this, data stored on a blockchain is never to be removed or modified. New blocks are required to reflect changes to data.

Blockchain is generally not the entire focus of an application, but a feature added to an existing workflow to improve traceability and transparency. Instead of thinking about how your organization can use blockchain, think about what collaborative processes could use improvements, and how blockchain touchpoints could be added to improve trust and increase efficiency.

How Blockchain Works

Blockchain involves a series of blocks of related transactional data, each timestamped and permanently linked to one another, and distributed and validated via a peer-to-peer network, as follows:

  1. Blocks are distributed: Blockchain does not use a centralized server like most business applications, but instead the data and code are distributed via a peer-to-peer network. In this network, each participating organization has its own copy of the blockchain system running on its own peer, which is known as a node. The peers communicate directly once they are established.

    This makes blockchain very attractive as a ledger for business-to-business workflow, or for breaking down barriers between departmental silos within single organizations. Since each organization runs a copy of the system and the data, it helps to establish trust.

  2. Participant requests are validated: Before transactions are validated and placed into a block by one of the participating people or systems in an organization, the request is first tested on their node against a smart contract, which contains predetermined business logic tests. If these tests are successful on the requesting participant’s node, then the request is broadcast to all nodes in the network, and tested on each node by the smart contract and other algorithms that validate the request.

  3. Blocks are formed and linked: Blockchain gets its name from its method of forming blocks from a list of transactions and then linking (or “chaining”) the blocks to each other through unique fixed-length strings of characters called cryptographic hashes. This is done by computing a hash based on a block’s contents, then storing a copy of the previous block’s hash, along with its own hash, in the header of each block.

    The hashes reflect the content of the transactions, so if a block’s data gets manually changed in the filesystem by tampering or corruption, the hash of the block will no longer match the hash recorded in the next block. Thus any modification to a block can be easily detected. This makes blockchain well suited for creating permanent records and audit trails.

    If a hacker changes a block’s contents manually or tries to insert a block midchain, it will impact not only that block, but every block after it in the chain.

  4. The block’s contents are verified: If the request to add a new block passes all of a node’s checks, then the block is added to that node’s copy of the blockchain. If the checks are not passed, the new block will be rejected. If your system is programmed in this way, it will then flag the denied request for potential security issues.

Note

Since blockchain data is never modified, this process only happens when new data is added.

This flow is illustrated in Figure 2-1.

Figure 2-1. How new data is posted to a blockchain

To break it down further, in order to understand blockchain technology, you should become familiar with the following concepts:

  • Distributed ledger technology (DLT) versus blockchain

  • Cryptographic hashes and immutability

  • Validating and distributing transactions with smart contracts and consensus

  • How files are stored and containerized

  • Reading and using blockchain data

  • Centralized components of enterprise blockchain

  • Identity management

  • Security

The sections that follow will delve deeper into each of these points.

DLT Versus Blockchain

As mentioned previously, blockchain is a type of DLT. Here are some points to consider:

  • A ledger is an ongoing log of transactions. This could be a handwritten log of how you spent last month’s payroll, or your bank account records.

  • A distributed ledger is a digital record that can be used to share ownership of and responsibility for information that is being recorded by multiple parties.

  • Like blockchain, DLT can be an immutable, distributed collection of data, shared via peer-to-peer networking.

It bears repeating that blockchain is special because the transactions are stored in a series of linked blocks, which are managed by the blockchain platform. Figure 2-2 shows how cryptographic hashes are used to link blocks, forming a chain with the contents. None of the content in a block can be changed without altering the computed hash, and this breaks the chain.

Figure 2-2. In blockchain, content blocks are linked through hashes to create a chain. Hashes are created using a cryptographic key and a predefined algorithm.

Cryptographic Hashes and Immutability

The information in a blockchain is often referred to as immutable, which means that the history of transactions in the blockchain can never be removed without breaking the chain. Each block’s header contains a cryptographic hash generated based on the contents of the current block, as well as the previous block’s hash.

While it is possible to tamper with blockchain data, any such tampering would be clearly evident. If even one character in a block is changed, a different hash would be generated for the changed block, and it would no longer match the original hash. Since the next block’s header already contains the original hash, this breaks the chain.

The first record in blockchain is called the genesis block. It doesn’t contain any transactions, but it does contain system configuration information. This begins the string of blocks that can’t be modified because the validity of each block depends on the validity of the previous block.
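
The linking and tamper detection described above can be reproduced in a few lines. The following is an added example, not code from this book or from any blockchain platform; the block layout, field names, and sample shipment records are constructed for illustration. It goes one step beyond the text by also checking a chain against a head hash held by another peer, because a copy in which every later block has been re-linked is internally consistent and can only be caught by comparison with a copy held elsewhere.

```python
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64  # assumption: the genesis block has no predecessor


def block_hash(index, prev_hash, body):
    """SHA-256 over a canonical encoding of the block's contents and its parent's hash."""
    payload = json.dumps({"index": index, "prev_hash": prev_hash, "body": body},
                         sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(payload).hexdigest()


def make_block(index, prev_hash, body):
    return {"index": index, "prev_hash": prev_hash, "body": body,
            "hash": block_hash(index, prev_hash, body)}


def build_chain(batches):
    """Genesis block holds configuration only; each batch becomes one linked block."""
    chain = [make_block(0, GENESIS_PREV, {"config": {"network": "constructed-demo"}})]
    for txs in batches:
        chain.append(make_block(len(chain), chain[-1]["hash"], {"transactions": txs}))
    return chain


def verify_chain(chain, trusted_head=None):
    """Return None if the chain is intact, else (position, reason) for the first fault."""
    prev = GENESIS_PREV
    for pos, block in enumerate(chain):
        if block["index"] != pos:
            return (pos, "index out of sequence")
        if block["prev_hash"] != prev:
            return (pos, "prev_hash does not match previous block")
        if block_hash(block["index"], block["prev_hash"], block["body"]) != block["hash"]:
            return (pos, "contents do not match recorded hash")
        prev = block["hash"]
    if trusted_head is not None and prev != trusted_head:
        return (len(chain) - 1, "head hash differs from trusted copy")
    return None


def demo():
    # Constructed sample data: three batches of shipment records.
    chain = build_chain([
        [{"lot": "LOT-1", "qty": 400}],
        [{"lot": "LOT-2", "qty": 250}],
        [{"lot": "LOT-1", "shipped_to": "store-17"}],
    ])
    head = chain[-1]["hash"]  # stands in for the head hash held by another peer
    results = {"clean": verify_chain(chain, head)}

    # Case 1: a record is edited on disk; the stored hash no longer matches.
    edited = copy.deepcopy(chain)
    edited[1]["body"]["transactions"][0]["qty"] = 4000
    results["edited"] = verify_chain(edited, head)

    # Case 2: the edited block's own hash is recomputed; the next block's
    # prev_hash still holds the original value, so the link breaks there.
    rehashed = copy.deepcopy(edited)
    rehashed[1]["hash"] = block_hash(1, rehashed[1]["prev_hash"], rehashed[1]["body"])
    results["rehashed"] = verify_chain(rehashed, head)

    # Case 3: every later block is re-linked. This copy is self-consistent, so
    # only comparison with a copy held elsewhere exposes the change.
    relinked = copy.deepcopy(rehashed)
    for i in range(2, len(relinked)):
        relinked[i]["prev_hash"] = relinked[i - 1]["hash"]
        relinked[i]["hash"] = block_hash(i, relinked[i]["prev_hash"], relinked[i]["body"])
    results["relinked_local_only"] = verify_chain(relinked)
    results["relinked_vs_peer"] = verify_chain(relinked, head)
    return results


if __name__ == "__main__":
    for case, finding in demo().items():
        print(f"{case}: {finding}")
```

Case 3 is why the distribution of copies across organizations matters as much as the hashing: a verifier that only checks its own files should also compare its head hash with its peers.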

Validating and Distributing Transactions

The exact process of how transactions are validated and shared among peers varies among blockchain implementations. However, all implementations use some form of a smart contract and consensus to validate the data as it is distributed.

Smart Contracts

A smart contract is a critical part of a blockchain system. It contains logic that tests each request to add transactional data to a blockchain. It tests the conditions against predetermined criteria that govern whether or not a block can be posted and shared to all of the nodes in the network.

When a request is made to initiate a transaction, the requesting peer first tests the request against the appropriate smart contract. If the request meets the smart contract’s criteria, processing of the transaction continues; if the request does not pass the smart contract criteria, the transaction will be rejected.

Consensus

After the blocks are broadcast directly to each peer in the blockchain network, they must follow a structured, predetermined process called consensus. Depending on the blockchain system, there are a variety of consensus algorithms that could be used to validate the blocks. Invalid blocks will not be committed, and will return an error to the requesting node.

One common complaint about blockchain is its slowness. Another is that it consumes an enormous amount of electricity. While true of large public systems, these complaints don’t apply to enterprise blockchain systems. This is because, unlike cryptocurrency applications, enterprise blockchain does not commonly use proof-of-work consensus, in which anonymous peer computers race to solve a mathematical equation in return for a tokenized reward. Instead, enterprise blockchain typically uses a proof-of-authority or voting-style approach, based on the predetermined authority of nodes in a network. This is effective because the identity of business blockchain participants is typically a known factor.

Storage and Containers

Since blockchain is typically a feature of an application that runs in the background, someone using the system doesn’t need to understand where and how the data is stored. But if you are planning to build a blockchain application of your own, you should learn the architecture of your specific platform in order to understand where blockchain is strong, where extra security is desired, and how containers help with deploying blockchain networks:

Where Blocks Are Stored

Blockchain transactions are stored in each peer’s filesystem. This is why it is important to note that blockchain is hackable—the data could be manipulated on a peer. However, the changes can of course be detected because the hashes for the blocks containing the changed data would no longer match the originals.

The World State Database

A database called the world state database is also used to record the latest key-value pairs associated with blockchain participants and assets. A copy of this database resides on each peer along with the blockchain files. When a blockchain transaction is finalized, the world state database is updated. This can be used to query values associated with participants and assets.

LevelDB and CouchDB, which are open source, nonrelational/document-oriented NoSQL database platforms, are often used for storing blockchain world state. Few restrictions are placed on how these platforms may store data—it is all decided by the program storing the data rather than restricted by the structure of the database.

There are limitations, however, to using LevelDB or CouchDB as a world state database. LevelDB can’t be directly queried, and CouchDB queries are known to be slow. This has created an opening for solutions such as Berkeley DB, a software library intended to provide tools needed to build a high-performance embedded database designed for key-value storage. Berkeley DB includes features such as transaction isolation and record locking.

Using Containers

Typically, these blockchain nodes—both the blockchain files and the world state database—are distributed to the peers in a network via containers such as Docker or Kubernetes. These containers run the nodes in cloud-based environments, so physical equipment is not required by each organization. Because of this, even though the network is distributed, each node is running from a separate container that could reside on the same cloud instance.

For developers, containers can be very helpful when prototyping because multiple containers, representing multiple nodes, can run at the same time on a single system.

Reading and Using Blockchain Data

Reading the data that comes from a blockchain does not require the same validations as adding data to a blockchain. Instead, this is typically done through another system that integrates the blockchain data with other information.

A blockchain system includes many different APIs that allow various systems to interface with it. Usually the system is operated by user interfaces and backend scripts that connect people and systems to the blockchain.

However, especially during the development and proof-of-concept stages, it is desirable to query and update the blockchain via a manual interface. To enable this, a REST web-based user interface and a web-based block explorer application are typically included in blockchain software development kits.

Centralized Components of a Decentralized System

Some blockchain platforms, like Hyperledger Fabric, have been criticized for including centralized components in a decentralized system. Examples of these kinds of components are the ordering service and identity management, as described in the following sections.

Ordering Service

As mentioned in “Validating and Distributing Transactions”, there is an ordering service that runs on a separate node, which orders all transaction requests before they are broadcast to the blockchain. Kafka, the ordering service typically used in Hyperledger Fabric, is currently under scrutiny as a central point of failure in a decentralized system, since it runs on one node in one organization. For systems based on Hyperledger Fabric version 1.4.1 and higher, a new ordering system called Raft is available, which runs on peers. However, Raft is in its early stages and may not be suitable for production.

Enterprise Identity Management

In public blockchain applications participants self-identify, and once they join a network, they have full access to it. For private blockchain applications, security is much tighter. In the enterprise world, there is typically a central group of systems administrators who verify each user’s identity and assign the role of each participant in a system. These administrators also remove access once a user is no longer part of the group. This type of security will also have to be managed for enterprise blockchain applications.

Security

As mentioned previously, a BaaS provides identity-management tools that can be used as the foundation for security. But because security has many factors, is tough to get right, and often requires thorough testing and iterations, you cannot assume that just because you subscribe to a BaaS, your application will be secure.

Questions to ask include:

  • How are the certificates issued?

  • Is any legal or biometric identification required to register and verify human participants?

  • What systems participate in the blockchain network, and how are those systems secured?

  • How do users identify the system’s developers and administrators?

These policy decisions need to be made by the security teams from each organization involved in the blockchain network, and the policies can be enforced in smart contract code.

Permissioned Versus Permissionless Blockchain

Blockchain technology used for cryptocurrency is typically permissionless. This means that no central administrator decides who can participate and what they can see. Instead, simply being a member of the network gives a participant a full copy of the data.

In some blockchain systems, access control can be managed by setting up roles for participants that restrict their ability to read and write data. This is referred to as a permissioned blockchain. In Hyperledger Fabric (explained in the next section), access control is managed by the creation of channels; this multichain approach restricts blockchain transactions to those participants who are members of a channel.

Three Approaches to Blockchain

As we mentioned previously, there are three primary approaches for implementing a blockchain network:

  1. By implementing a blockchain platform

  2. By implementing a BaaS

  3. Using a SaaS with blockchain

If we compare this to making a cake, implementing a blockchain platform would be like making it from scratch in your own custom kitchen. Using a BaaS would be like using a cake mix, but being able to add your own icing and filling, and preparing the cake using equipment shared with other bakers; a SaaS with blockchain would be like buying a slice of cake that is ready to eat.

Approach 1: Blockchain Platform

A blockchain platform is a set of tools and concepts that can be used to construct your own blockchain network from the ground up. In other words, there are no “as-a-service” features—everything is constructed manually by developers and administrators, meaning a greater level of expertise and investment in infrastructure is needed.

Blockchain platforms are used as the foundation for BaaS and SaaS with blockchain. There are dozens of blockchain platforms, the most common being Ethereum and Hyperledger Fabric, which are explained in Approach 2.

Approach 2: BaaS

BaaS is “as-a-service” cloud technology for implementing a blockchain platform. Acquiring a BaaS means that you can set up and use complex blockchain platforms without having a high level of systems expertise. Annual or monthly subscriptions can typically be purchased by credit card.

BaaS versus blockchain without BaaS

The array of hardware, programmers, network engineers, systems administrators, and security experts needed to set up a secure, robust blockchain network is cost-prohibitive for many projects, especially those still in the research and development stages. A BaaS provides much of this hardware, software, and expertise behind the scenes, and puts the focus on the logic and workflow of the business network.

With a BaaS, blockchain nodes typically live in the cloud, although they could still be distributed to on-premises systems as well. Users are administered and certificates are managed through a control panel. Smart contracts typically still need to be written by a programmer, but the code is uploaded via a web interface to be distributed to the peers. Consensus algorithms might be chosen by a setting in the admin panel. Nodes are generated and distributed via a point-and-click interface.

The BaaS offerings from some of the larger technology companies—like IBM, Microsoft, Oracle, and SAP—include blockchain implementations specific to that company. The implementations are based on open source consortium projects such as Hyperledger Fabric and Ethereum. The technology companies add their own special features—such as enhanced security, easy integration via APIs, and ease of distribution of nodes—and then sell this as a service. These services save a lot of time and are reliable, although they can be expensive.

Blockchain Platforms Used for BaaS

Two free blockchain platforms currently among the most commonly used as a base for BaaS are Ethereum and Hyperledger Fabric:

Ethereum

An open source blockchain platform generally used to create public networks and generate cryptocurrency. Enterprise Ethereum is designed to include permissioned networks. Microsoft Azure Blockchain Platform implemented Enterprise Ethereum as its first commercial BaaS.

Hyperledger Fabric

A popular open source blockchain platform generally used for permissioned networks, it was developed by a consortium of organizations that include the Linux Foundation, IBM, and Oracle. A number of BaaS providers, including IBM, Oracle, and now Microsoft, offer blockchain service based on Hyperledger Fabric.

Due to the modular nature of blockchain systems and the industry’s rapid growth, the process of how to set up a blockchain platform is also currently undergoing rapid change; though it’s to be hoped that it will soon converge around a set of standards. For the purposes of our discussion, we will examine Hyperledger Fabric. Here’s a typical transaction flow in blockchain:

  1. If a request passes specific business logic tests contained in the smart contract, a proposal is made to all of the nodes in the network to create a new transaction.

  2. Other nodes in the network verify that the request is valid and hasn’t been previously submitted, and return their responses to the requesting node.

  3. If the network accepts the proposal by validating the request, the transactions are ordered by an ordering service, then validated by the endorsement policy contained in the smart contract.

  4. Finally, the transaction is tested by the smart contract on each peer and permanently appended to each peer’s copy of the blockchain through chaining the blocks together with cryptographic hashes.
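
The four steps above, together with the earlier smart contract and consensus sections, can be modeled as follows. This is an added, simplified simulation and not Hyperledger Fabric's API or code from this book: the Peer class, the lot_contract rules, the "N endorsements required" policy, and all sample transactions are hypothetical, and ordering is reduced to the order in which submit() is called. It shows a replayed request being refused and a request from a peer whose local world state was altered being refused by the other peers and flagged for review.

```python
def lot_contract(state, tx):
    """Hypothetical smart contract: return None if tx passes, else the reason it fails."""
    lot = state.get(tx["lot"])
    if tx["action"] == "register":
        return None if lot is None else "lot already registered"
    if tx["action"] == "transfer":
        if lot is None:
            return "unknown lot"
        if lot["owner"] != tx["submitter"]:
            return "submitter is not the current owner"
        return None
    return "unknown action"


class Peer:
    def __init__(self, name):
        self.name = name
        self.world_state = {}  # latest key-value pairs for each asset
        self.ledger = []       # committed transactions, in order
        self.seen = set()      # ids of transactions already committed
        self.flagged = []      # denied requests kept for security review

    def check(self, tx):
        """Test a request on this peer: not previously submitted, and passes the contract."""
        if tx["id"] in self.seen:
            return "duplicate transaction id"
        return lot_contract(self.world_state, tx)

    def commit(self, tx):
        """Step 4: re-test on this peer, then append and update the world state."""
        reason = self.check(tx)
        if reason:
            self.flagged.append((tx["id"], reason))
            return False
        owner = tx["submitter"] if tx["action"] == "register" else tx["to"]
        self.world_state[tx["lot"]] = {"owner": owner}
        self.ledger.append(tx)
        self.seen.add(tx["id"])
        return True


def submit(peers, requester, tx, required):
    # Step 1: the requesting peer tests the request against the contract first.
    reason = requester.check(tx)
    if reason:
        requester.flagged.append((tx["id"], reason))
        return {"status": "rejected-locally", "reason": reason}
    # Step 2: every peer tests the proposal and returns its response.
    responses = {p.name: p.check(tx) for p in peers}
    endorsed = [name for name, r in responses.items() if r is None]
    # Step 3: the (assumed) endorsement policy is a minimum number of endorsements.
    if len(endorsed) < required:
        for p in peers:
            if responses[p.name]:
                p.flagged.append((tx["id"], responses[p.name]))
        return {"status": "rejected-by-network", "endorsed_by": endorsed}
    committed = [p.name for p in peers if p.commit(tx)]
    return {"status": "committed", "endorsed_by": endorsed, "committed_on": committed}


def demo():
    peers = [Peer("orgA"), Peer("orgB"), Peer("orgC")]
    a, b, c = peers
    out = {}
    tx1 = {"id": "tx1", "action": "register", "lot": "LOT-1", "submitter": "orgA"}
    out["register"] = submit(peers, a, tx1, required=2)
    out["replay"] = submit(peers, a, tx1, required=2)
    # Constructed scenario: orgC's local world state has been altered on disk.
    c.world_state["LOT-1"] = {"owner": "orgC"}
    tx2 = {"id": "tx2", "action": "transfer", "lot": "LOT-1",
           "submitter": "orgC", "to": "orgD"}
    out["forged"] = submit(peers, c, tx2, required=2)
    out["owner_on_a"] = a.world_state["LOT-1"]["owner"]
    out["flags_on_b"] = b.flagged
    return out


if __name__ == "__main__":
    for step, result in demo().items():
        print(f"{step}: {result}")
```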

Approach 3: SaaS with Blockchain

A third category of applications is SaaS applications that incorporate BaaS. These are ready to use with little or no technical overhead. Built with traditional web application technologies, they wrap themselves around BaaS in a way that is highly transparent to the user. These applications are industry-specific, and like a BaaS, can be purchased with a credit card on a monthly billing cycle.

Some examples of blockchain SaaS subscription services from IBM and Oracle are as follows:

IBM Food Trust

Made famous by Walmart, the IBM Food Trust connects many different participants to make food data traceable

IBM Trade Lens

Facilitates international trade by providing a single source for shipping data

IBM World Wire

Global payment network that speeds up international payments between financial institutions

Oracle Intelligent Track and Trace

Provides end-to-end visibility to supply-chain networks

Oracle Product Lineage and Provenance

Used to verify the authenticity and origin of products

Oracle Intelligent Cold Chain

Monitors the condition of goods prior to point of sale

Oracle Warranty Usage and Tracking

Monitors rental, warranty, service, and insurance information for high-value assets

Since these offerings are constantly changing, before undertaking a blockchain development project it may be wise to research current offerings to determine if there is a blockchain SaaS that already meets your needs.

Note

There is a fine line between SaaS with blockchain and BaaS. The SaaS with blockchain category represents the industry-specific, cloud-based applications that drive workflow for an industry process and include blockchain as a feature; they’re often the frontend for a BaaS.

To join this sort of prebuilt, industry-specific blockchain network, the best way to find the right one is to join a blockchain consortium that fits your industry, and build strategic alliances with partners who are forming a network. You can also ask your customers if they participate in any such consortiums or have blockchain in their future plans, since large customers could drive the technology decisions. (We discuss consortiums in more detail in Chapter 7.)

SaaS versus BaaS

When using a SaaS, clients and admin requests all go directly into the cloud service (such as Salesforce). More often than not, SaaS is accessed with a web or mobile client.

By contrast, when using a BaaS (like the IBM Blockchain Platform), only the administration requests go directly into cloud services. The BaaS distributes containers, usually into cloud locations, and creates a peer-to-peer network with them. Each container includes software and data for running the blockchain as a distributed node. New transactions are sent to the nodes by the participants, usually with a web or mobile client, or by an API and blockchain oracle in the case of a backend system.

When using a SaaS with blockchain (like the IBM Food Trust), the type of architecture you’ll encounter will likely be some combination of SaaS and BaaS.

Consider Your Requirements

Keep in mind that not all features of blockchain are needed for all applications. For example:

  • Most enterprise applications don’t use tokens, although they could offer a token that tracks and exchanges value among the network’s participants. An example of this is a token used for internal chargebacks between departments.

  • Maybe you have an application where you don’t yet need to distribute the nodes, but you’d like an encrypted ledger that lets you trace back blocks of transactions generated by multiple systems via a blockchain audit trail. An auditor could be added at a future time and provided with a node.

Even if your first project has limited features, it will still have the benefit of allowing your team to gain experience and confidence in working with blockchain technology.

Summary

Knowing these basic concepts and features of blockchain and how they are applied is critical to understanding when and how blockchain can be applied to your own use case. This knowledge will help you determine if you actually need BaaS, or if some simpler technology, such as a centralized database, will suffice.

Will BaaS become a part of everyone’s technology stack? Not necessarily; some companies will pass on adopting blockchain. But most organizations will experiment with blockchain, learn over time to trust it, and potentially go on to build more complex applications that provide value to the network participants.

Blockchain will certainly become a permanent tool in the kit of any business analyst, solutions architect, or developer that wants to provide proof of transactions, add provenance and traceability, and govern any agreement by coding the terms into a smart contract that will administer the transaction in a fair, unbiased way. Since BaaS simplifies, streamlines, and secures the setup and maintenance of a blockchain system, this technology implementation is likely here to stay.
